Solved

AIX Encryption using EFS

Posted on 2013-06-20
1
1,376 Views
Last Modified: 2013-06-26
I was testing EFS on AIX 7.1. it was working when I decided to start over.
I deleted the filesystem and recreated the filesystem with the same name.
Now I get the following when entering root's EFS password:
efskeymgr -o ksh
root's EFS password:
Encryption framework returned an error: libefs bad parameter

I can change the password but still get the same error message.

Does anyone know how to fix this?

Also, once EFS is enabled with efsenable -a can it be disabled?

oslevel -s
7100-02-02-1316

lslpp -L | grep openssh
  openssh.base.client     6.0.0.6102    C     F    Open Secure Shell Commands
  openssh.base.server     6.0.0.6102    C     F    Open Secure Shell Server
  openssh.license         6.0.0.6102    C     F    Open Secure Shell License
  openssh.man.en_US       6.0.0.6102    C     F    Open Secure Shell
  openssh.msg.en_US       6.0.0.6102    C     F    Open Secure Shell Messages -

TIA,
Dan Kaib
0
Comment
Question by:scodhk
1 Comment
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 39265238
Is your private key still valid?

efskeymgr -v

Maybe it could help regenerating the key

efskeymgr -R <algo>

e.g.

efskeymgr -R RSA_1024

And no, you can't revert the actions taken by efsenable (create admin/user/group keystores, create /var/efs, update /etc/security/user and /etc/security/group, update Config_Rules).

wmp
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
antivirus on mac 8 77
Bash Script to Analyze Oracle Schemas 11 108
Compromised PC? 17 220
We receive files from another company that become encrypted after a short time. 5 68
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question